As far as checking is concerned, you could try many cgi scanners like whisker for example and many more. Then see if the packet actually hit your apache in apache's logs. Regards, --------- Muhammad Faisal Rauf Danka Chief Technology Officer Gem Internet Services (Pvt) Ltd. web: www.gem.net.pk Vice President Pakistan Computer Emergency Responce Team (PakCERT) web: www.pakcert.org Chief Security Analyst Applied Technology Research Center (ATRC) web: www.atrc.net.pk --- Pyuesh Daya <pyueshd@na.co.za> wrote: > >Hi Guys > >Has anybody tried to --string command to match a header string and deny the packet. For example : > >$IPTABLES -t filter -I FORWARD -i eth0 -p tcp --dport 80 -m string --string="cmd.exe" -j LOG --log-level $LOGLEVEL --log-prefix "String Header Match" > >How would I actually check if this works. >-- >Regards >Pyuesh Daya >Tel : (011) 719 0384 >Fax : (011) 719 0444 >------------------------------------------------------------------------ > To unsubscribe email security-discuss-request@linuxsecurity.com > with "unsubscribe" in the subject of the message. _____________________________________________________________ --------------------------- [ATTITUDEX.COM] http://www.attitudex.com/ --------------------------- _____________________________________________________________ Promote your group and strengthen ties to your members with email@yourgroup.org by Everyone.net http://www.everyone.net/?btn=tag ------------------------------------------------------------------------ To unsubscribe email security-discuss-request@linuxsecurity.com with "unsubscribe" in the subject of the message.
